We have a customer asking for a deeper proxy configuration or restriction in their AWS integration, they just don´t want to include all the *.amazonaws.com domain in the proxy as documentation says
"In all the cases, make sure that your Environment ActiveGate or Managed Server have a working connection to AWS. Configure your proxy for Managed or ActiveGate, or include *.amazonaws.com in your firewall settings. "
Any ideas on how to add their AWS ID into their proxy settings or create a specific rule to be more restrictive?
Thanks in advance,
Solved! Go to Solution.
Hi, can you please refer to the doc page stating that? In general, there's no such a requirement for a Managed server, as the traffic to AWS is routed via Mission Control.
For Environment AG that is true if you use it to monitor your AWS account resources, however you can set up a dedicated proxy for that.
AFAIK there's no possibility to restrict just your account in proxy.
Thanks Radoslaw, the quota its just from the access methods section from here
We are going to ensure all the Mission Control communication is properly configured
Ahh I see. So this requirement comes only if you don’t want to install a dedicated environment AG. In that case you utilize AG embedded into a cluster node. For the security reasons I’d rather suggest using a dedicated Env AG, possibly deployed in AWS.
Having Env Ag in AWS you can guarantee security by configuration of appropriate AWS role.
hope that makes sense to you.